Certificates

From IVS Wiki
Jump to: navigation, search

Certificates

IVS is not responsible for maintaining the renewal of certificates that may be installed on your system. We are happy to work with you to provide you with a CSR file or to install the renewed certificate on your VALT system when it is needed. We recommend that all customers set up a reminder to renew the certificate at least a week prior to certificate expiration.

A certificate is a digital file that is used to establish a secure connection between a client and a server (e.g., VALT). It is a key part of SSL/TLS encryption, ensuring that data transmitted between the two parties is encrypted and that the server is authentic.


▶️ Watch our brief video on this topic!



How Do Server Certificates Work?


1. Certificate Issuance

  • A Certificate Signing Request (CSR) file and a private key file can be generated on your server.

🕮If you need help getting a CSR, contact the IVS Support Team.

  • The CSR file will be sent to a Certificate Authority (CA).
  • The CA verifies the server's identity and issues a server certificate.

2. Installation on the VALT Server

  • Once you have the cert, it can be installed, along with the private key, and the CA's root/intermediate certificates.

The VALT cert needs to be applied to multiple services. If it is applied to only the web application, full functionality will NOT be restored.

🕮If you are looking to install your certs, please contact the IVS Support Team.


3. Client Requests a Secure Connection

  • When a client (browser) tries to connect to the server, it will present its certificate.

4. Certificate Validation

  • The client checks if the certificate is valid (not expired, issued by a trusted CA, and matches the domain).
  • If valid, the server and client establish an encrypted connection using TLS.
  • If not valid, the browser will show an error message.

5. Secure Data Transmission

  • Once validated, encrypted data is exchanged securely.

What is Expected of Me?

  1. Schedule a 1-hour Support session with us over at our booking site.
  2. An IVS Support Engineer will either create a CSR file and key file that can be provided to you to generate a certificate (or you can provide us with a wildcard certificate and key file).
  3. Once you have the certificate in hand, we will install the certificate alongside the private key and the CA's root/intermediate certificates.
  4. After installation of the certificate, the Support Engineer will ensure proper system functionality.

🕮Looking to contact the IVS Support Team?


Supported Certificates Types with VALT

  • Single Certificate with Subject Alternative Names (SANs)
  • Wildcard Certificate

Certificates can be provided in PEM or PFX (or PKCS12) format.